Re: "Scope" of licenses to be covered by SPDX

Bradley M. Kuhn <bkuhn@...>

dmg wrote at 13:17 (EDT) on Sunday:
Please be realistic/serious
I apologize if my analogy bothered you. I'm completely serious, and my
entire point here is to raise realistic scenarios (e.g., GCC) about
where SPDX might be used.

By the way, Godel numbers do not represent functions, they represent
logic statements.
See for info on why I
used the word "function" in that context. I learned the concepts using that
terminology in graduate school in the 1990s; I know other terminology
is also widely used, but I'm happy to defer to you this since you have a PhD
and I only have a Master's degree. :)

But, you're right in that this part of the thread is now off-topic. I
only used that analogy to point out that the difficulty of representing
common licenses is a serious issue for SPDX. SPDX is complete, but very
difficult to use for real-world situations. That's why I thought my
analogy was appropriate. Again, I apologize if you find it

You can extract and document, using SPDX, licensing information in a
way that is well defined.
Again, I agree that SPDX appears to be complete, in that it is, as you
say, ...

This, in my opinion, is the great value of SPDX as it currently
stands. Currently it is a great wrapper format.
... a wrapper format that can be used to represent any particular
licensing situation of a package.

Agreeing on the names of the licenses will be difficult, and as
It's more than just naming; it's an issue that it appears to be quite
difficult to represent some common licensing situations accurately for
common infrastructural pieces.

I've nevertheless offered my help and offer it again, to figure out how
to do this for GCC. It's probably a good test case.

Compare that to the way that Debian (as you pointed out before)
documents licensing.
At the risk of getting flamed again for making an analogy, I'll point out
that SPDX is a bit like the OSI model of network layering right now.
It's heavily structured and wasn't designed in conjunction with an
implementation. SPDX needs a good Free Software implementation.
Indeed, if someone were to go through and build a patchset for Debian to
switch its /usr/doc/*/copyright fields to use SPDX -- even for just for,
say, a Debian base installation you get with deboostrap -- that would be
a huge "real world" scenario to shake out issues with SPDX and give
something useful back to upstream.

Has anyone thought of inviting Stefano Zacchiroli to this list to discuss
that idea?
-- bkuhn
Spdx-legal mailing list

Join { to automatically receive all group messages.